<?php
include_once ('class.mysql.php');

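/**
 * Handles the "edit user" form: reads the submitted fields from $_POST,
 * checks the anti-CSRF token against the session and updates the matching
 * row of the `users` table.
 *
 * NOTE(review): nothing in this class checks that the logged-in user may edit
 * the record named by comtec_id_user, or may assign the submitted
 * access_level; both values come straight from the request. Confirm that the
 * calling page enforces that authorization before process() is reached.
 */
class EditUser
{
    // Identifier of the row to update (taken from the request).
    private $comtec_id_user;

    // Editable profile fields, all taken from the request.
    private $name;
    private $lastname1;
    private $lastname2;
    private $phone;
    private $email;
    private $position;
    private $access_level;

    // Error messages collected while processing; empty means success.
    private $errors;
    // Anti-CSRF token submitted with the form.
    private $token;

    /**
     * Captures the form fields from $_POST.
     *
     * Missing keys and non-string values (e.g. `name[]=x`) are stored as an
     * empty string, so later string handling never sees an array or raises
     * an "undefined index" warning. Password editing is not part of this form.
     */
    public function __construct()
    {
        $this->errors = array();

        $this->comtec_id_user = $this->post_value('comtec_id_user');

        $this->name         = $this->post_value('name');
        $this->lastname1    = $this->post_value('lastname1');
        $this->lastname2    = $this->post_value('lastname2');
        $this->phone        = $this->post_value('phone');
        $this->email        = $this->post_value('email');
        $this->position     = $this->post_value('position');
        $this->access_level = $this->post_value('access_level');
        $this->token        = $this->post_value('token');
    }

    /**
     * Returns the submitted first name exactly as received.
     *
     * The value is request data and is NOT escaped; callers must escape it
     * for the context they print it in (e.g. htmlspecialchars() for HTML).
     */
    public function getName()
    {
        return $this->name;
    }

    /**
     * Returns the submitted first surname exactly as received (unescaped
     * request data; escape it for the output context before printing).
     */
    public function getLastname1()
    {
        return $this->lastname1;
    }

    /**
     * Runs the whole edit: token check, data validation, then the UPDATE.
     *
     * The UPDATE is only attempted when both checks pass.
     *
     * @return int 1 when no error was recorded, 0 otherwise.
     */
    public function process()
    {
        if ($this->valid_token() && $this->valid_data())
            $this->edit();

        return count($this->errors) ? 0 : 1;
    }

    /**
     * Strips every character except ASCII letters, digits, '@' and '.'.
     *
     * Not called anywhere in this class; kept as part of the public interface.
     */
    public function filter($var)
    {
        return preg_replace('/[^a-zA-Z0-9@.]/', '', $var);
    }

    /**
     * Strips every character except digits and '+'.
     *
     * Not called anywhere in this class; kept as part of the public interface.
     */
    public function filter_num($var)
    {
        return preg_replace('/[^0-9+]/', '', $var);
    }

    /**
     * Writes the submitted fields to the `users` row whose comtec_id_user
     * matches, and records an error when no row was affected.
     *
     * This method does not check the token itself; go through process().
     *
     * Every value is escaped before it is placed inside a quoted SQL literal,
     * because all of them are attacker-controllable request data.
     *
     * NOTE(review): MySQL normally reports 0 affected rows when the new values
     * equal the stored ones, so re-submitting unchanged data is reported as a
     * failure here. Confirm whether that is intended.
     */
    public function edit()
    {
        $db = new MySQL();

        $name         = $this->sql_escape($this->name);
        $lastname1    = $this->sql_escape($this->lastname1);
        $lastname2    = $this->sql_escape($this->lastname2);
        $phone        = $this->sql_escape($this->phone);
        $email        = $this->sql_escape($this->email);
        $position     = $this->sql_escape($this->position);
        $access_level = $this->sql_escape($this->access_level);
        $id           = $this->sql_escape($this->comtec_id_user);

        $db->query("UPDATE users SET
                          name         = '$name',
                          lastname1    = '$lastname1',
                          lastname2    = '$lastname2',
                          phone        = '$phone',
                          email        = '$email',
                          position     = '$position',
                          access_level = '$access_level'
                     WHERE comtec_id_user = '$id'");

        if ($db->affected_rows() < 1)
            $this->errors[] = 'No se puede procesar la inscripci&oacute;n';
    }

    /**
     * Returns all recorded error messages, each followed by a newline.
     *
     * @return string Empty string when there are no errors.
     */
    public function show_errors()
    {
        $msg = "";
        foreach ($this->errors as $error)
            $msg .= $error . "\n";

        return $msg;
    }

    /**
     * Reports whether any error has been recorded so far.
     *
     * No field validation is performed at present (the e-mail uniqueness
     * check is disabled), so this only reflects errors added earlier.
     *
     * @return int 1 when the error list is empty, 0 otherwise.
     */
    public function valid_data()
    {
        return count($this->errors) ? 0 : 1;
    }

    /**
     * Checks the submitted anti-CSRF token against the one in the session.
     *
     * The comparison is done on strings with hash_equals(): a loose `!=`
     * treats two different numeric-looking tokens (e.g. "0e1234" and
     * "0e5678") as equal, and is not constant-time. An absent or empty
     * session token never validates.
     *
     * @return int 1 when the error list is empty, 0 otherwise.
     */
    public function valid_token()
    {
        $expected = '';
        if (isset($_SESSION['token']) && is_scalar($_SESSION['token']))
            $expected = (string) $_SESSION['token'];

        $submitted = is_string($this->token) ? $this->token : '';

        if ($expected === '' || !hash_equals($expected, $submitted))
            $this->errors[] = 'Registro inv&aacute;lido';

        return count($this->errors) ? 0 : 1;
    }

    /**
     * Returns $_POST[$key] when it is present and a string, '' otherwise.
     */
    private function post_value($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    /**
     * Escapes a value for use inside a single-quoted SQL string literal.
     *
     * Stopgap only: addslashes() is not connection-aware, so it is adequate
     * only while the connection uses a single-byte or UTF-8 character set and
     * the server keeps backslash escaping enabled.
     *
     * NOTE(review): if the MySQL wrapper in class.mysql.php offers bound
     * parameters or connection-aware escaping, use that instead and drop
     * this helper.
     */
    private function sql_escape($value)
    {
        return addslashes((string) $value);
    }
}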
?>
